[
https://issues.apache.org/jira/browse/HDFS-2368?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13116117#comment-13116117
]
Jitendra Nath Pandey commented on HDFS-2368:
--------------------------------------------
+1 for the patch.
I think that namenode should use combined keytab for http principal as well.
Currently, namenode uses same key tab for both namenode principal and
https(host) principal. But, that would require some code change as well and can
be addressed in a separate jira.
> defaults created for web keytab and principal, these properties should not
> have defaults
> ----------------------------------------------------------------------------------------
>
> Key: HDFS-2368
> URL: https://issues.apache.org/jira/browse/HDFS-2368
> Project: Hadoop HDFS
> Issue Type: Bug
> Affects Versions: 0.20.205.0
> Reporter: Arpit Gupta
> Assignee: Tsz Wo (Nicholas), SZE
> Attachments: h2368_20110927.patch, h2368_20110927_0.20s.patch
>
>
> the following defaults are set in hdfs-defaults.xml
> <property>
> <name>dfs.web.authentication.kerberos.principal</name>
> <value>HTTP/${dfs.web.hostname}@${kerberos.realm}</value>
> <description>
> The HTTP Kerberos principal used by Hadoop-Auth in the HTTP endpoint.
> The HTTP Kerberos principal MUST start with 'HTTP/' per Kerberos
> HTTP SPENGO specification.
> </description>
> </property>
> <property>
> <name>dfs.web.authentication.kerberos.keytab</name>
> <value>${user.home}/dfs.web.keytab</value>
> <description>
> The Kerberos keytab file with the credentials for the
> HTTP Kerberos principal used by Hadoop-Auth in the HTTP endpoint.
> </description>
> </property>
> These properties should not have defaults
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators:
https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira
